Does GL Import External Images have any unpatched vulnerabilities?

No. All known vulnerabilities in GL Import External Images have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is GL Import External Images compatible with WordPress 6.7.5?

According to WordPress.org data, GL Import External Images 3.1 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is GL Import External Images compatible with PHP 7.0+?

GL Import External Images requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is GL Import External Images updated?

GL Import External Images was last updated on Nov 29, 2024. Frequent updates are generally a positive security signal.

What is GL Import External Images's security score?

GL Import External Images has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

GL Import External Images Security & Risk Analysis

wordpress.org/plugins/gl-import-external-images

Import and insert images to WordPress Media Library from external URLs.

800 active installs v3.1 PHP 7.0+ WP 2.6.0+ Updated Nov 29, 2024

downloadexternal-imagesimageimportmedia-library

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is GL Import External Images Safe to Use in 2026?

Generally Safe

Score 92/100

GL Import External Images has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "gl-import-external-images" plugin version 3.1 exhibits a generally positive security posture based on the static analysis. The absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests is commendable. The presence of a nonce check on the single AJAX handler is also a good practice. However, the critical concern lies in the output escaping. Only 20% of the outputs are properly escaped, meaning a significant portion of the plugin's output could be vulnerable to Cross-Site Scripting (XSS) attacks. This is particularly concerning given the plugin's function might involve processing and displaying external data, which could be manipulated to inject malicious scripts. The lack of any recorded vulnerabilities in its history is a positive indicator, but it should not overshadow the identified XSS risk within the code itself.

Key Concerns

Low percentage of properly escaped output

Vulnerabilities

None known

GL Import External Images Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

GL Import External Images Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

20% escaped5 total outputs

Attack Surface

GL Import External Images Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_gliei_actiongl-import-external-images.php:112

WordPress Hooks 2

actionpost-upload-uigl-import-external-images.php:18

filterimage_sideload_extensionsgl-import-external-images.php:120

Maintenance & Trust

GL Import External Images Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedNov 29, 2024

PHP min version7.0

Downloads7K

Community Trust

Rating100/100

Number of ratings6

Active installs800

Alternatives

GL Import External Images Alternatives

Smart Auto Upload Images – Import External Images

smart-auto-upload-images

Import external images automatically on save. Adds to media library and updates URLs. No manual downloads. Works with any post type.

2K 1 CVE

Sage Auto Upload Images

sage-auto-upload-images

100

Automatically detect and import external images to your WordPress media library. Bulk process existing posts and prevent broken links.

10 No CVEs

Media Library File Download

media-download

A lightweight plugin that adds one-click download and export functionality to your Media Library.

1K 1 unpatched

URL Image Importer

url-image-importer

Import images from URLs, CSV files, or WordPress XML exports directly into your WordPress Media Library to use across your entire site!

500 2 CVEs

Youtube Thumbnail as Featured Image

youtube-thumbnail-to-featured-image

Use a YouTube Thumbnail as a Featured Image for a WordPress Post. You only have to set a YouTue Video URL and the plugin does the rest.

100 No CVEs

Developer Profile

GL Import External Images Developer Profile

Asiqur Rahman

2 plugins · 810 total installs

trust score

Avg Security Score

89/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect GL Import External Images

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

gliei-wrapgliei-inputgliei-urlgliei-submitgliei-submit-btngliei-message

Data Attributes

name="url"class="gliei-url"name="gliei_nonce"class="gliei_nonce"class="gliei-submit-btn button-primary"

JS Globals

gliei_import_imagegliei_nonceajaxurlwp

REST Endpoints

/wp-json/

FAQ